Experiences, Conferences, and What Really Matters
This month gave me two very different marketing experiences. First, Demandbase invited me to drive a supercar at Circuit of the Americas. Spending time behind the wheel at 140 mph created an immediate, positive association with their brand, and their field marketing team struck the perfect balance by facilitating genuine conversations without pushing the sale. It was a reminder of how powerful real-world experiences can be. At about the same time, I attended a major industry conference that left much to be desired. The event felt inefficient and uninspiring. While the networking was valuable, the overall structure (multiple tracks, vague session descriptions, and a clunky mobile app that seemed like their website just delivered as an app) made it difficult to extract value. It got me thinking about what we're really asking of our audiences. When someone gives us their time, they're giving us something genuinely valuable and finite. That Demandbase experience? Worth every minute. That conference? The math didn't math as my kids say.
A Shift in Perspective
After catching myself sinking into a doom loop of dark drafts about accountability failures and broken systems, I scrapped everything and focused on what is bringing me joy instead: pizza nights that pull my family together, comedians who make you laugh without punching down, a tiny espresso machine that quietly upgrades the day, Ted Lasso’s reminder that optimism is a choice, and the Savannah Bananas’ masterclass in designing pure delight. All of it reinforced the same idea that joy is not a break from serious work. It is the fuel that builds trust, strengthens teams, and makes people come back.
When Systems Break Down (And What Comes Next)
Between data breaches that shouldn't happen, AI that's getting a little too curious for its own good, and that gnawing sense that everything feels stuck, it's easy to wonder if we're living through some kind of civilizational debugging session. But here's the thing about broken systems: they're often the precursor to something better. The current moment isn't just about things falling apart, it's about the opportunity to build something more thoughtful, more secure, and more human-scale.
Off the Mic: Cloud Security Can’t Be an Afterthought
Cloud security isn’t just about adding tools—it’s about making them work together. This week, Off the Mic dives into the shift toward prevention-first security, new CISA vulnerabilities, MFA bypass tactics, and the latest cyber threats shaping the landscape.
Are You Leaving the Backdoor Open for Hackers?
What Caught My Attention This Week?
China Breaches U.S. Treasury: A stark reminder of the dangers lurking in supply chain vulnerabilities.
AI Deepfakes Target Elections: Sanctions reveal how Russia and Iran weaponize disinformation campaigns.
Chrome Extensions Compromised: Trusted tools turned into silent data thieves by hackers.
And on Threat Vector this week, I had a conversation with Margaret Kelly about the hidden dangers of cloud misconfigurations. From loose permissions to exposed infrastructure, we explored how these gaps are a dream for nation-state attackers like those behind the Treasury breach. This is a reminder that fixing your cloud is no longer optional—it’s urgent.
North Korean Hackers Master the Art of Invisibility
What Caught My Attention This Week?
Unit 42 revealed Silent Skimmer
Germany’s New Law: A Win for Security Researchers
Snowflake Data Breach Arrest
And on Threat Vector this week, I had a conversation with Assaf Dahan about what makes North Korean hackers a cyber force to be reckoned with. Their motivations go beyond financial gain to include sabotage, espionage, and political influence.
Iran’s Cyber Arsenal Blends Deepfakes with Disruption
Kyle Wilhoit and Michal Goldstein join me on Threat Vector to discuss how adaptive, intelligence-led incident response is key to tackling hybrid threats like deepfakes, doxing, ransomware, and stealthy espionage campaigns. From Iran’s disinformation playbook to China’s prolonged intrusions, war rooms must be ready for it all. Plus, Macron’s Strava leak highlights the privacy risks of location-tracking apps.
Crisis Leadership Secrets to Survive Cyber Chaos
Crisis Tips from Chris Scott
Decisiveness, drills, and transparency are vital as SEC penalties highlight the cost of secrecy.
Microsoft Rootkit Risk
A driver flaw opens systems to stealthy rootkits. Monitor kernel activity.
SolarWinds Fines Warn CISOs
SEC penalties stress the need for honest breach disclosure.
Crackdown on Disinfo Domains
Senator Warner targets Russian-linked sites, increasing scrutiny on registrars.
Inside Threat Vector’s Bold Conversations on IoT, XDR, and Quantum Security
This week, Unit 42 exposed "Deceptive Delight," a method for bypassing AI safeguards by embedding harmful prompts in harmless ones, underscoring the need for stronger AI defenses. Meanwhile, Lumma Stealer malware is bypassing CAPTCHAs to steal sensitive data, and Bumblebee malware has resurfaced, more dangerous and harder to detect, highlighting the urgency of robust ransomware defenses. On Threat Vector, I had thought-provoking conversations with Dr. Daniel Ford on cyber hygiene, Dr. May Wang on IoT security, and Allie Mellen from Forrester on XDR, offering fresh insights into evolving cyber challenges.